My free yahoo email account was stolen and a fake email was sent to my
contacts asking for money as I was in the U K and robbed. I did get my email
back but my contacts were deleted. After changing my password, I got an email
from the U K asking me to purchase their Firewall and computer protection. I
unsubscribed to that email. Should I have just deleted it? How else has my
computer been compromised? I am starting to get email with offers I did not
subscribe to, such as Publisher Clearing House email winner. Should I just
delete or unsubscribe which may be adding more viruses to my computer.
First, congratulations on getting your account back. Many people do not, and
end up losing the account permanently. That your contacts are gone is not
terribly surprising, though.
The real question that you might be asking yourself is āwhat else did they
do with my email account while they had control of it?ā. Unfortunately, we may
never know.
So, what to do?
]]>
First, you should never, ever āunsubscribeā from email to which you did not actually subscribe. Spammers often use that as a way to validate that the email address theyāre throwing spam at is actually being read by a real, live person. Unsubscribe, and youāll probably end up getting even more spam.
Second, itās very likely that itās not your computer that was compromised, just your Yahoo account. They managed to login to your account via the web from their own computer(s). Your computer was probably never involved.
I have to say āprobablyā, because of course things like spyware could have caused the problem in the first place ā perhaps spyware on your machine allowed them to capture your password, for example. But typically these kinds of account compromises involve only the account, on the web, and nothing on your computer.
Typically.
Now, someone else had your account for some period of time, and clearly they were using it at a minimum to send these bogus āIām trapped in the UKā emails to your contacts.
What else did they do?
Youāll never know.
You can, of course, scan the sent mail folder to see if thereās anything interesting in there, but Iām guessing there wonāt be. If they were able to get your account and wipe out your contacts, they were probably smart enough to erase anything that might have been placed in the sent mail folder while they had it.
So who knows what they did.
Of greater concern might be what else they did to your account. While they had access to your Yahoo account they had access to everything you keep in it. That could be any of the other services beyond email that Yahoo provides, as well as many services that allow you to use your Yahoo login for access.
You should check them all.
Similarly you should check your profile and account information for any personal information that may be kept there. The thieves may have that. You should remove it all, or change it, immediately to prevent the thieves from regaining access to your account. (I strongly suggest you read Is changing my password enough? ā the answer is a resounding āNoā.)
And of course, at a minimum it sounds like youāre getting more spam after your adventure. Thatās not something you can really do much about.
In your shoes, Iād consider the account irreparably compromised. I would not delete it (eventually someone else could inherit your old email address), but I would remove all associations to other services, remove all personal information, and simply stop using it on any regular basis.
Iād create a new account and check the old one only periodically for email from people that donāt have your new address.
My mom got both her yahoo and hotmail compromised. I ran MalwareBytes Anti-Malware and it found some malware which i removed. Not sure if the two are related, though.
Here is another strange thing ā every computer in our apartment building got the same malware except for mine! I have no idea how to explain this.
āHere is another strange thing ā every computer in our apartment building got the same malware except for mine! I have no idea how to explain this.ā
Generally viruses spread around a specific network. If lots of computers connect to a network and none of them have antivirus, one virus on one of the computers could infect all of the computers connected to that same network. Thatās why some colleges and other places will give away antivirus software to use while using their network. It looks like you had antivirus installed, and therefore didnāt get a virus.
07-Aug-2010
Itās gotten to the point where I donāt bother to unsubscribe, anymore. Even legitimate companies tend to ignore Unsubscribes after multiple attempts over a number of years. Since they so routinely ignore Unsubscribes, I simply report them as Spam. Just like physical junk mail, it goes straight to the garbage.
07-Aug-2010